Beispiel #1
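/**
 * Renders the UserPro cells of the WordPress admin users table.
 *
 * Handles the columns userpro_username, userpro_admin_badges, userpro_verify
 * and block_users; any other column gets $value back unchanged.
 *
 * Account-controlled text (login, display name) and URLs are escaped before
 * they are concatenated into markup, because this HTML is shown to an
 * administrator and a stored payload would run in that session.
 *
 * @param string $value       Cell content produced so far.
 * @param string $column_name Column being rendered.
 * @param int    $user_id     User shown in the current row.
 * @return string HTML for the cell, or $value for columns not handled here.
 */
function userpro_admin_users_badges($value, $column_name, $user_id)
{
    global $userpro;

    // NOTE(review): every data-user attribute below reads "******" in this listing, so the
    // value looks masked; the admin script presumably expects the row's user id there.
    // Confirm against the plugin source and emit it through esc_attr().

    if ('userpro_username' == $column_name && userpro_get_option('backend_users_change')) {
        $user = get_userdata($user_id);
        // get_userdata() returns false for an id that no longer exists.
        $login = $user ? $user->user_login : '';
        $display_name = (string) userpro_profile_data('display_name', $user_id);

        $res = '<div class="upadmin-avatar">' . get_avatar($user_id, 40) . '</div>';
        $res .= '<strong><a href="' . esc_url($userpro->permalink($user_id)) . '" target="_blank" rel="noopener noreferrer" title="' . esc_attr__('View Profile', 'userpro') . '">' . esc_html($login) . '</a></strong><br />';
        $res .= '<span class="upadmin-small-name">(' . esc_html($display_name) . ')</span>';
        $res .= '<div class="row-actions"><span class="edit"><a href="' . esc_url($userpro->permalink($user_id, 'edit')) . '" target="_blank" rel="noopener noreferrer">' . esc_html__('Edit Profile', 'userpro') . '</a></span></div>';
        return $res;
    }

    if ('userpro_admin_badges' == $column_name) {
        return userpro_show_badges($user_id, true);
    }

    if ('userpro_verify' == $column_name) {
        // Cast before comparing: a missing meta value compared loosely with 0 is
        // false on PHP 8, which would present an unverified account as verified.
        $is_unverified = ((int) $userpro->get_verified_status($user_id) === 0);

        $res = '<div class="upadmin-verify-v2">';
        if ($is_unverified) {
            $res .= '<a href="#" class="button upadmin-verify-u" data-user="******">' . userpro_get_badge('unverified') . '</a>';
            if ($userpro->invited_to_verify($user_id)) {
                $res .= '&nbsp;&nbsp;' . esc_html__('Invitation sent!', 'userpro');
            } else {
                $res .= '<a href="#" class="button upadmin-invite-u" data-user="******">' . esc_html__('Verified Invite', 'userpro') . '</a>';
            }
        } else {
            // The admin and non-admin branches emitted the same markup, so one suffices.
            $res .= '<a href="#" class="button button-primary upadmin-unverify-u" data-user="******">' . userpro_get_badge('verified') . '</a>';
        }
        $res .= '</div>';
        return $res;
    }

    if ('block_users' == $column_name) {
        $account_status = (int) $userpro->get_account_status($user_id);

        $res = '<div class="upadmin-block-v2">';
        if ($account_status === 0) {
            $res .= '<a href="#" class="button upadmin-block-u" data-user="******">' . userpro_get_badge('unblocked') . '</a>';
        } else {
            $res .= '<a href="#" class="button upadmin-unblock-u" data-user="******">' . userpro_get_badge('blocked') . '</a>';
        }
        if ($account_status === 1) {
            $res .= '<span class="button" data-user="******">' . esc_html__('Account Blocked', 'userpro') . '</span>';
        }
        // Exactly one closing tag: only one wrapper div is opened for this cell.
        $res .= '</div>';
        return $res;
    }

    return $value;
}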
Beispiel #2
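/**
 * Removes the verified flag when a verified, non-admin user changes their
 * display name and the unverify_on_namechange option is enabled.
 *
 * Nothing happens when the target is an admin, when the acting user has
 * manage_options, or when the form carries no display_name.
 *
 * @param array $form    Submitted profile fields.
 * @param int   $user_id User whose profile is being saved.
 * @return void
 */
function userpro_unverify_verified_account($form, $user_id)
{
    global $userpro;

    if (!isset($form['display_name'])) {
        return;
    }
    if (userpro_is_admin($user_id) || current_user_can('manage_options')) {
        return;
    }
    if (!userpro_get_option('unverify_on_namechange') || $userpro->get_verified_status($user_id) != 1) {
        return;
    }

    $old_displayname = userpro_profile_data('display_name', $user_id);
    $new_displayname = $form['display_name'];

    // Compare as strings. A loose != treats numeric-looking names such as "1e3" and
    // "1000" as equal, which would let a verified account switch between them and
    // keep its badge.
    // NOTE(review): if $form comes straight from $_POST it is still slashed, so a name
    // containing quotes always counts as changed; confirm whether the caller unslashes.
    if (!is_string($new_displayname) || (string) $old_displayname !== $new_displayname) {
        $userpro->unverify($user_id);
    }
}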
Beispiel #3
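 /**
  * Returns the raw 'userpro_verified' user meta for the given user.
  *
  * The value comes straight from get_user_meta() in single mode, so a user
  * without the key yields '' rather than 0. Callers that test for
  * "unverified" should cast to int instead of comparing loosely, because
  * '' == 0 is false on PHP 8.
  *
  * @param int $user_id WordPress user id.
  * @return mixed Stored meta value; '' when the key is absent.
  */
 function get_verified_status($user_id)
 {
     // Administrators get no special treatment: the former admin branch returned the
     // same stored value, so the flag is simply returned for every account.
     return get_user_meta($user_id, 'userpro_verified', true);
 }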
Beispiel #4
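/**
 * AJAX endpoint behind the UserPro front-end forms.
 *
 * Verifies the form nonce, collects the posted fields into $form (the part of
 * a field name after the first '-' is dropped), dispatches on the posted
 * template (publish, delete, change, reset, login, edit, register) and prints
 * the result as JSON before ending the request.
 *
 * All request data is untrusted. Only a fixed list of fields becomes local
 * variables, the dispatched template is the same raw value the nonce was
 * checked against, and publish/delete/edit refuse to act on another user's id
 * unless the caller has manage_options.
 *
 * @return void The request always ends with die.
 */
function userpro_process_form()
{
    global $userpro;

    /* The nonce action is built from the posted template, so it has to be a plain string. */
    if (!isset($_POST['_myuserpro_nonce'], $_POST['template'], $_POST['action'])
        || !is_string($_POST['_myuserpro_nonce'])
        || !is_string($_POST['template'])) {
        die;
    }
    $template = $_POST['template'];
    $unique_id = (isset($_POST['unique_id']) && is_string($_POST['unique_id'])) ? $_POST['unique_id'] : '';
    if (!wp_verify_nonce($_POST['_myuserpro_nonce'], '_myuserpro_nonce_' . $template . '_' . $unique_id)) {
        die;
    }
    if ($_POST['action'] != 'userpro_process_form') {
        die;
    }
    if (!userpro_is_logged_in() && $template == 'edit') {
        die;
    }

    $form = array();
    foreach ($_POST as $key => $val) {
        $key = explode('-', (string) $key);
        $form[$key[0]] = $val;
    }
    /* A suffixed field such as "template-1" must not replace the value the nonce
       and the logged-in check above were evaluated against. */
    $form['template'] = $template;

    /* Import only the fields this handler reads. A blanket extract($_POST) lets the
       request overwrite any local, including $userpro and $output. */
    $text_fields = array('user_id', 'post_title', 'userpro_editor', 'taxonomy', 'category', 'secretkey', 'user_pass', 'shortcode', 'username_or_email', 'force_redirect_uri', 'redirect_uri', 'global_redirect', 'user_login', 'user_email');
    $other_fields = array('post_type', 'post_categories', 'post_featured_image', 'confirmdelete');
    $accepted = array();
    foreach ($text_fields as $name) {
        if (isset($form[$name]) && is_string($form[$name])) {
            $accepted[$name] = $form[$name];
        }
    }
    foreach ($other_fields as $name) {
        if (isset($form[$name])) {
            $accepted[$name] = $form[$name];
        }
    }
    extract($accepted, EXTR_SKIP);

    $user_id = isset($user_id) ? (int) $user_id : 0;
    /* True when the request names a user other than the caller and the caller is
       not an administrator; the same rule the edit template already applied. */
    $foreign_user = $user_id !== get_current_user_id() && !current_user_can('manage_options');

    // NOTE(review): the shortcode text is request-supplied and later handed to
    // do_shortcode(), so a caller can pick which shortcode runs; consider rebuilding
    // it server-side from the stored form settings.
    $shortcode = isset($shortcode) ? stripslashes($shortcode) : '';

    /* null keeps the "null" JSON body for a template no case handles. */
    $output = null;

    /* form action */
    switch ($template) {
        /* publish */
        case 'publish':
            /* post_author and the publish-vs-pending decision both hang on $user_id. */
            if ($foreign_user) {
                die;
            }
            /* Errors are collected in an array: writing a string key into '' no longer
               creates an array on PHP 7.1+. */
            $output['error'] = array();
            if (empty($post_title)) {
                $output['error']['post_title'] = __('You must enter a post title.', 'userpro');
            }
            if (empty($userpro_editor)) {
                $output['error']['userpro_editor'] = __('You must enter some content.', 'userpro');
            }
            /*
            	publish post
            */
            if (empty($output['error'])) {
                /* wp_kses() needs an allowed-HTML argument, and the @ could not hide the
                   missing-argument error. $_POST is slashed and wp_insert_post() expects
                   slashed input, hence the slashed-data post filter. */
                $array = array('post_title' => $post_title, 'post_content' => wp_filter_post_kses($userpro_editor), 'post_author' => $user_id);
                // NOTE(review): post_type and taxonomy are chosen by the request; consider an
                // allow-list of what this form may create.
                if (!empty($post_type)) {
                    $array['post_type'] = $post_type;
                }
                if (userpro_is_admin($user_id)) {
                    $array['post_status'] = 'publish';
                    $post_id = wp_insert_post($array);
                    $output['custom_message'] = '<div class="userpro-message userpro-message-ajax"><p>' . sprintf(__('Your post has been published. You can view it %s.', 'userpro'), '<a href="' . get_permalink($post_id) . '">here</a>') . '</p></div>';
                } else {
                    // under review
                    $array['post_status'] = 'pending';
                    $post_id = wp_insert_post($array);
                    $output['custom_message'] = '<div class="userpro-message userpro-message-ajax"><p>' . __('Your post has been sent for review. It will be checked by our staff.', 'userpro') . '</p></div>';
                }
                /*
                	empty category first
                */
                wp_set_object_terms($post_id, NULL, 'category');
                /*
                	taxonomy
                	and category
                */
                if (isset($taxonomy) && isset($category)) {
                    $cats = array();
                    foreach (explode(',', $category) as $cat) {
                        /* numeric entries are passed as ints, everything else as given */
                        $cats[] = is_numeric($cat) ? (int) $cat : $cat;
                    }
                    wp_set_object_terms($post_id, $cats, $taxonomy);
                }
                /*
                	multiple taxonomy
                	category insertion
                */
                if (isset($post_categories) && is_array($post_categories)) {
                    $terms = array();
                    foreach ($post_categories as $cat) {
                        /* entries are "<id>#<taxonomy>"; anything else is skipped */
                        $split = is_string($cat) ? explode('#', $cat) : array();
                        if (count($split) < 2) {
                            continue;
                        }
                        $terms[$split[1]][] = $split[0];
                    }
                    foreach ($terms as $tax => $ids) {
                        wp_set_object_terms($post_id, $ids, $tax, true);
                    }
                }
                /*
                	assign featured
                	image for post
                */
                if (!empty($post_featured_image)) {
                    // NOTE(review): this value is request-supplied and new_attachment() is not
                    // visible here; confirm it only accepts files from this site's uploads.
                    $attach_id = $userpro->new_attachment($post_id, $post_featured_image);
                    $userpro->set_thumbnail($post_id, $attach_id);
                }
            }
            break;
        /* delete profile */
        case 'delete':
            /* Without this check any holder of a valid form nonce could delete an
               arbitrary non-admin account by posting its id. */
            if ($foreign_user) {
                die;
            }
            $user = get_userdata($user_id);
            if (!$user) {
                die;
            }
            $output['error'] = array();
            /* Look at every role, not only the first one in the list. */
            $is_administrator = in_array('administrator', (array) $user->roles, true);
            if (empty($confirmdelete)) {
                $output['error']['confirmdelete'] = __('Nothing was deleted. You must choose yes to confirm deletion.', 'userpro');
            } elseif ($is_administrator) {
                $output['error']['confirmdelete'] = __('For security reasons, admin accounts cannot be deleted.', 'userpro');
            } elseif ($user->user_login == 'test') {
                $output['error']['confirmdelete'] = __('You cannot remove test accounts from frontend!', 'userpro');
            } else {
                require_once ABSPATH . 'wp-admin/includes/user.php';
                userpro_mail($user_id, 'accountdeleted');
                // Delete user
                if (is_multisite()) {
                    // Multisite: Deletes user's Posts and Links, then deletes from WP Users|Usermeta
                    // ONLY IF "Delete From Network" setting checked and user only belongs to this blog
                    wpmu_delete_user($user_id);
                } else {
                    // Deletes user's Posts and Links
                    // Multisite: Removes user from current blog
                    // Not Multisite: Deletes user from WP Users|Usermeta
                    wp_delete_user($user_id);
                }
                $output['custom_message'] = '<div class="userpro-message userpro-message-ajax"><p>' . __('This account has been deleted successfully.', 'userpro') . '</p></div>';
                $output['redirect_uri'] = home_url();
            }
            break;
        /* change pass */
        case 'change':
            $output['error'] = array();
            if (empty($secretkey)) {
                $output['error']['secretkey'] = __('You did not provide a secret key.', 'userpro');
            } elseif (strlen($secretkey) != 20) {
                $output['error']['secretkey'] = __('The secret key you entered is invalid.', 'userpro');
            }
            /* Form validation */
            /* Here you can process custom "errors" before proceeding */
            $output['error'] = apply_filters('userpro_form_validation', $output['error'], $form);
            if (empty($output['error'])) {
                // NOTE(review): the reset key is stored and matched in plain text and this
                // function enforces no expiry or attempt limit; consider storing a hash with
                // a timestamp.
                $users = get_users(array('meta_key' => 'userpro_secret_key', 'meta_value' => $secretkey, 'meta_compare' => '='));
                if (empty($users)) {
                    $output['error']['secretkey'] = __('The secret key is invalid or expired.', 'userpro');
                } else {
                    $user_id = $users[0]->ID;
                    wp_update_user(array('ID' => $user_id, 'user_pass' => isset($user_pass) ? $user_pass : ''));
                    delete_user_meta($user_id, 'userpro_secret_key');
                    add_action('userpro_pre_form_message', 'userpro_msg_login_after_passchange');
                    $modded = str_replace('template="change"', 'template="login"', $shortcode);
                    $output['template'] = do_shortcode($modded);
                }
            }
            break;
        /* send secret key */
        case 'reset':
            $output['error'] = array();
            // NOTE(review): the messages below tell the caller whether an account exists.
            if (empty($username_or_email)) {
                $output['error']['username_or_email'] = __('You should provide your email or username.', 'userpro');
            } else {
                if (is_email($username_or_email)) {
                    /* get_user_by() returns false when no account has this address */
                    $user = get_user_by('email', $username_or_email);
                    if ($user) {
                        $username_or_email = $user->user_login;
                    }
                }
                if (!username_exists($username_or_email)) {
                    $output['error']['username_or_email'] = __('There is not such user in our system.', 'userpro');
                } elseif (!$userpro->can_reset_pass($username_or_email)) {
                    $output['error']['username_or_email'] = __('Resetting admin password is not permitted!', 'userpro');
                }
            }
            /* Form validation */
            /* Here you can process custom "errors" before proceeding */
            $output['error'] = apply_filters('userpro_form_validation', $output['error'], $form);
            /* email user with secret key and update
            			his user meta */
            if (empty($output['error'])) {
                $user = get_user_by('login', $username_or_email);
                if ($user) {
                    $uniquekey = wp_generate_password(20, false);
                    update_user_meta($user->ID, 'userpro_secret_key', $uniquekey);
                    userpro_mail($user->ID, 'secretkey', $uniquekey);
                    add_action('userpro_pre_form_message', 'userpro_msg_secret_key_sent');
                    $modded = str_replace('template="reset"', 'template="change"', $shortcode);
                    $output['template'] = do_shortcode($modded);
                }
            }
            break;
        /* login */
        case 'login':
            $output['error'] = array();
            if (empty($username_or_email)) {
                $output['error']['username_or_email'] = __('You should provide your email or username.', 'userpro');
            }
            if (empty($user_pass)) {
                $output['error']['user_pass'] = __('You should provide your password.', 'userpro');
            }
            if (!empty($username_or_email) && email_exists($username_or_email)) {
                $user = get_user_by('email', $username_or_email);
                $username_or_email = $user->user_login;
            }
            /* Form validation */
            /* Here you can process custom "errors" before proceeding */
            $output['error'] = apply_filters('userpro_login_validation', $output['error'], $form);
            if (empty($output['error']) && !empty($username_or_email) && !empty($user_pass)) {
                $creds = array();
                $creds['user_login'] = $username_or_email;
                $creds['user_password'] = $user_pass;
                $creds['remember'] = true;
                $user = wp_signon($creds, false);
                if (is_wp_error($user)) {
                    // NOTE(review): separate messages for an unknown user and a wrong password
                    // reveal which accounts exist.
                    if ($user->get_error_code() == 'invalid_username') {
                        $output['error']['username_or_email'] = __('Invalid email or username entered', 'userpro');
                    } elseif ($user->get_error_code() == 'incorrect_password') {
                        $output['error']['user_pass'] = __('The password you entered is incorrect', 'userpro');
                    }
                } else {
                    /* check the account is active first */
                    if ($userpro->is_pending($user->ID)) {
                        if (userpro_get_option('users_approve') === '2') {
                            $output['custom_message'] = '<div class="userpro-message userpro-message-ajax"><p>' . __('Your email is pending verification. Please activate your account.', 'userpro') . '</p></div>';
                        } else {
                            $output['custom_message'] = '<div class="userpro-message userpro-message-ajax"><p>' . __('Your account is currently being reviewed. Thanks for your patience.', 'userpro') . '</p></div>';
                        }
                        wp_logout();
                    } else {
                        /* a good login */
                        userpro_auto_login($user->user_login, true);
                        // NOTE(review): redirect_uri and global_redirect come from the request and
                        // are returned as the redirect target unchecked; consider passing them
                        // through wp_validate_redirect().
                        if (!empty($force_redirect_uri)) {
                            $output['redirect_uri'] = 'refresh';
                        } else {
                            if (current_user_can('manage_options') && userpro_get_option('show_admin_after_login')) {
                                $output['redirect_uri'] = admin_url();
                            } else {
                                if (!empty($redirect_uri)) {
                                    $output['redirect_uri'] = $redirect_uri;
                                } else {
                                    if (userpro_get_option('after_login') == 'no_redirect') {
                                        $output['redirect_uri'] = 'refresh';
                                    }
                                    if (userpro_get_option('after_login') == 'profile') {
                                        $output['redirect_uri'] = $userpro->permalink();
                                    }
                                }
                            }
                            /* hook the redirect URI */
                            $output['redirect_uri'] = apply_filters('userpro_login_redirect', isset($output['redirect_uri']) ? $output['redirect_uri'] : null);
                        }
                        /* super redirection */
                        if (isset($global_redirect)) {
                            $output['redirect_uri'] = $global_redirect;
                        }
                    }
                    // active/pending
                }
            }
            break;
        /* editing */
        case 'edit':
            if ($foreign_user) {
                die;
            }
            userpro_update_user_profile($user_id, $form, 'ajax_save');
            if (userpro_get_option('notify_admin_profile_save') && !current_user_can('manage_options')) {
                userpro_mail($user_id, 'profileupdate', null, $form);
            }
            add_action('userpro_pre_form_message', 'userpro_msg_profile_saved');
            if (!empty($_POST['up_username'])) {
                set_query_var('up_username', $_POST['up_username']);
            }
            $output['template'] = do_shortcode($shortcode);
            break;
        /* registering */
        case 'register':
            $output['error'] = array();
            /* Form validation */
            /* Here you can process custom "errors" before proceeding */
            $output['error'] = apply_filters('userpro_register_validation', $output['error'], $form);
            /* Every alternative of the former condition required an e-mail address. */
            if (empty($output['error']) && isset($user_email)) {
                if (isset($user_login)) {
                    $user_exists = username_exists($user_login);
                } else {
                    /* no login supplied: the e-mail address doubles as the login */
                    $user_exists = false;
                    $user_login = $user_email;
                }
                /* username_exists() reports "not found" as false on current WordPress;
                   isset() treated that as an existing user and skipped registration. */
                if (!$user_exists && !email_exists($user_email)) {
                    if (!isset($user_pass)) {
                        $user_pass = wp_generate_password(12, false);
                    }
                    /* not auto approved? */
                    if (userpro_get_option('users_approve') !== '1') {
                        /* require email validation */
                        if (userpro_get_option('users_approve') === '2') {
                            $user_id = $userpro->new_user($user_login, $user_pass, $user_email, $form, 'standard', 0);
                            $userpro->pending_email_approve($user_id, $user_pass, $form);
                            add_action('userpro_pre_form_message', 'userpro_msg_activate_pending');
                            $modded = str_replace('template="register"', 'template="login"', $shortcode);
                            $output['template'] = do_shortcode($modded);
                        }
                        /* require admin validation */
                        if (userpro_get_option('users_approve') === '3') {
                            $user_id = $userpro->new_user($user_login, $user_pass, $user_email, $form, 'standard', 0);
                            $userpro->pending_admin_approve($user_id, $user_pass, $form);
                            add_action('userpro_pre_form_message', 'userpro_msg_activate_pending_admin');
                            $modded = str_replace('template="register"', 'template="login"', $shortcode);
                            $output['template'] = do_shortcode($modded);
                        }
                    } else {
                        $user_id = $userpro->new_user($user_login, $user_pass, $user_email, $form, 'standard');
                        /* auto login */
                        if (userpro_get_option('after_register_autologin')) {
                            $creds = array();
                            $creds['user_login'] = $user_login;
                            $creds['user_password'] = $user_pass;
                            $creds['remember'] = true;
                            $user = wp_signon($creds, false);
                            if (isset($user->user_login)) {
                                userpro_auto_login($user->user_login, true);
                            }
                            // NOTE(review): request-supplied redirect target, returned unchecked.
                            if (!empty($redirect_uri)) {
                                $output['redirect_uri'] = $redirect_uri;
                            } else {
                                if (userpro_get_option('after_register') == 'no_redirect') {
                                    $output['redirect_uri'] = 'refresh';
                                }
                                if (userpro_get_option('after_register') == 'profile') {
                                    $output['redirect_uri'] = $userpro->permalink();
                                }
                            }
                            /* hook the redirect URI */
                            $output['redirect_uri'] = apply_filters('userpro_register_redirect', isset($output['redirect_uri']) ? $output['redirect_uri'] : null);
                            /* manual login form */
                        } else {
                            add_action('userpro_pre_form_message', 'userpro_msg_login_after_reg');
                            $modded = str_replace('template="register"', 'template="login"', $shortcode);
                            $output['template'] = do_shortcode($modded);
                        }
                    }
                }
            }
            break;
    }

    /* An empty error list is sent as "", the value this handler assigned before any
       field failed validation, so the response shape stays the same. */
    if (is_array($output) && isset($output['error']) && empty($output['error'])) {
        $output['error'] = '';
    }
    echo json_encode($output);
    die;
}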
Beispiel #5
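 /**
  * Returns the raw 'userpro_account_status' user meta for the given user.
  *
  * The value comes straight from get_user_meta() in single mode, so a user
  * without the key yields '' rather than 0. Callers that test for a status
  * of 0 should cast to int instead of comparing loosely, because '' == 0 is
  * false on PHP 8.
  *
  * @param int $user_id WordPress user id.
  * @return mixed Stored meta value; '' when the key is absent.
  */
 function get_account_status($user_id)
 {
     // Administrators get no special treatment: the former admin branch returned the
     // same stored value, so the status is simply returned for every account.
     return get_user_meta($user_id, 'userpro_account_status', true);
 }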